您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

《山东大学学报(理学版)》 ›› 2019, Vol. 54 ›› Issue (5): 52-76.doi: 10.6040/j.issn.1671-9352.2.2018.079

•   • 上一篇    下一篇

一种抗去同步的轻量级RFID双向认证协议

代新敏1(),谢晓尧2,*()   

  1. 1. 贵州大学计算机科学与技术学院,贵州 贵阳 550025
    2. 贵州师范大学贵州省信息与计算科学重点实验室,贵州 贵阳 550001
  • 收稿日期:2018-09-20 出版日期:2019-05-20 发布日期:2019-05-09
  • 通讯作者: 谢晓尧 E-mail:xmdai@gzu.edu.cn;xiexy@gzu.edu.cn
  • 作者简介:代新敏(1974—),男,博士研究生,研究方向为信息安全、物联网. E-mail:xmdai@gzu.edu.cn
  • 基金资助:
    国家自然科学基金资助项目(61461009);贵州省科学技术基金资助项目(黔科合J字[2011]2200号)

A lightweight anti-desynchronization RFID mutual authentication protocol

Xin-min DAI1(),Xiao-yao XIE2,*()   

  1. 1. School of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China
    2. Key Laboratory of Information and Computing Science of Guizhou Province, Guizhou Normal University, Guiyang 550001, Guizhou, China
  • Received:2018-09-20 Online:2019-05-20 Published:2019-05-09
  • Contact: Xiao-yao XIE E-mail:xmdai@gzu.edu.cn;xiexy@gzu.edu.cn
  • Supported by:
    国家自然科学基金资助项目(61461009);贵州省科学技术基金资助项目(黔科合J字[2011]2200号)

摘要:

轻量级的射频识别(radio frequency identification,RFID)协议常采用同步更新机制以避免位置隐私的泄露,但却带来了去同步攻击的问题。去同步攻击使得标签与数据库同步更新的秘密数据不一致,导致标签永久失效。通过对已有协议的分析,发现其不具备抵御去同步攻击的效果。对已有协议进行改进,提出了一种新的抗去同步攻击的轻量级双向认证协议,并利用串空间理想诚实理论对新协议进行了形式化分析,证明了新协议的正确性。

关键词: 射频识别, 安全协议, 物理不可克隆函数, 去同步攻击, 串空间

Abstract:

Lightweight radio frequency identification (RFID) protocols usually adopt a synchronous update mechanism to avoid leakage of location privacy, but it brings the problem of desynchronization attack. Desynchronization attack can cause inconsistent updates of the secret data between the tag and the database. As a result, the tag does not work properly. After the analysis of an existing protocol, it is found that it is vulnerable to the attack of desynchronization. In view of the defects of the existing protocol, a new lightweight mutual authentication protocol against desynchronization attack is proposed. The formal analysis of the new protocol is carried out by using the ideal honest theory of the strand space, which proves the correctness of the new protocol.

Key words: RFID, security protocol, physically unclonable function, desynchronization attack, strand space

中图分类号: 

  • TN915.08

图1

KMP+协议"

图2

KMP+协议消息交互"

图3

第一种去同步攻击丛"

图4

第二种去同步攻击丛"

图5

新的协议"

图6

新协议的消息交互"

表1

相关协议安全性比较"

安全目标RMABPKMPKMP+新协议
抗假冒攻击××
抗去同步攻击××
抗信息泄露×
抗重放攻击××
前向安全×
抗克隆攻击
不可追踪×
双向认证×

表2

相关协议性能比较"

性能要求RMABPKMPKMP+新协议
标签存储2L3L4L4L
DB存储2L4L5L7L
通信开销4L4L5L5L
标签计算量2P+1LF2P+3LF2P+4LF2P+4LF
DB计算量(0.5n+1)P+1LF0P+3LF0P+5LF0P+4.5LF
1 PANG L J, HE L W, PEI Q Q, et al. Secure and efficient mutual authentication protocol for RFID conforming to the EPC C-1 G-2 standard[C]//2013 IEEE Wireless Communications and Networking Conference (WCNC), Shanghai: IEEE, 2013: 1870-1875.
2 WANG S H , LIU S J , CHEN D W . Security analysis and improvement on two RFID authentication protocols[J]. Wireless Personal Communications, 2015, 82 (1): 21- 33.
doi: 10.1007/s11277-014-2189-x
3 SAFKHANI M , HOSSEINZADEH M , NAMIN M E , et al. On the (Im)possibility of receiving security beyond 2l using an l-bit PRNG[J]. Wireless Personal Communications, 2017, 92 (4): 1591- 1597.
doi: 10.1007/s11277-016-3623-z
4 XIAO F , ZHOU Y J , ZHOU J X , et al. Security protocol for RFID system conforming to EPC-C1 G2 standards[J]. Journal of Computers, 2013, 8 (3): 605- 612.
5 ABDOLMALEKI B, BAGHERY K, AKHBARI B, et al. Analysis of Xiao et al.'s authentication protocol conforming to EPC C1 G2 standard[C]//2016 8th International Symposium on Telecommunications (IST), Iran:IEEE, 2016:111-116.
6 DELVAUX J , PEETERS R , GU D W , et al. A survey on lightweight entity authentication with strong PUFs[J]. ACM Computing Surveys, 2015, 48 (2): 1- 42.
7 BOLOTNYY L, ROBINS G. Physically unclonable function-based security and privacy in RFID systems[C]//Fifth Annual IEEE International Conference on Pervasive Computing and Communications. New York: IEEE, 2007: 211-220.
8 KULSENG L, YU Z, WEI Y W, et al. Lightweight mutual authentication and ownership transfer for RFID systems[C]//2010 Proceedings IEEE INFOCOM Conference. San Diego: IEEE, 2010: 1-5.
9 KARDAS S, AKGÜN M, KIRAZ M S, et al. Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems[C]//2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications. Istanbul: IEEE, 2011: 20-25.
10 BASSIL R, EL-BEAINO W, KAYSSI A, et al. A PUF-based ultra-lightweight mutual-authentication RFID protocol[C]//Internet Technology and Secured Transactions (ICITST). New York: IEEE, 2011: 495-499.
11 李晖, 夏伟, 邓冠阳, 等. 超轻量级双向认证协议PUMAP的安全性分析[J]. 北京理工大学学报, 2013, 33 (12): 1259- 1262.
doi: 10.3969/j.issn.1001-0645.2013.12.010
LI Hui , XIA Wei , DENG Guanyang , et al. Security analysis of a PUF based ultra-lightweight mutual authentication RFID protocol-PUMAP[J]. Transactions of Beijing Institute of Technology, 2013, 33 (12): 1259- 1262.
doi: 10.3969/j.issn.1001-0645.2013.12.010
12 徐旭光, 欧毓毅, 凌捷, 等. 基于PUF的轻量级RFID安全认证协议[J]. 计算机应用与软件, 2014, 31 (11): 302- 306.
doi: 10.3969/j.issn.1000-386x.2014.11.077
XU Xuguang , OU Yuyi , LING Jie , et al. Lightweight rfid secure authentication protocol based on puf[J]. Computer Applications and Software, 2014, 31 (11): 302- 306.
doi: 10.3969/j.issn.1000-386x.2014.11.077
13 寇红召, 张紫楠, 马骏, 等. 基于物理不可克隆函数的RFID双除认证[J]. 计算机工程, 2013, 39 (6): 142- 145.
KOU Hongzhao , ZHANG Zinan , MA Jun , et al. RFID mutual authentication based on physical unclonable function[J]. Computer Engineering, 2013, 39 (6): 142- 145.
14 柳毅, 顾国生. 一种新的轻量级RFID双向认证协议[J]. 计算机科学, 2017, 44 (2): 206- 208, 227.
LIU Yi , GU Guosheng . New mutual authentication for lightweight RFID protocols[J]. Computer Science, 2017, 44 (2): 206- 208, 227.
15 THAYER FÁBREGA F J , HERZOG J C , GUTTMAN J D . Strand spaces: proving security protocols correct[J]. Journal of Computer Security, 1999, 7 (2/3): 191- 230.
16 THAYER F F J, HERZOG J C, GUTTMAN J D. Honest ideals on strand spaces[C]//Proceedings of 11th IEEE ComputerSecurity Foundations Workshop. Rockport: IEEE, 1998: 66-77.
[1] 孟博,鲁金钿,王德军,何旭东. 安全协议实施安全性分析综述[J]. 山东大学学报(理学版), 2018, 53(1): 1-18.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] 赵君1,赵晶2,樊廷俊1*,袁文鹏1,3,张铮1,丛日山1. 水溶性海星皂苷的分离纯化及其抗肿瘤活性研究[J]. J4, 2013, 48(1): 30 -35 .
[2] 杨永伟1,2,贺鹏飞2,李毅君2,3. BL-代数的严格滤子[J]. 山东大学学报(理学版), 2014, 49(03): 63 -67 .
[3] 孟祥波1,张立东1,杜子平2. 均值-方差标准下带跳的保险公司投资与再保险策略[J]. 山东大学学报(理学版), 2014, 49(05): 36 -40 .
[4] 韩亚飞,伊文慧,王文波,王延平,王华田*. 基于高通量测序技术的连作杨树人工林土壤细菌多样性研究[J]. 山东大学学报(理学版), 2014, 49(05): 1 -6 .
[5] 彭振华,徐义红*,涂相求. 近似拟不变凸集值优化问题弱有效元的最优性条件[J]. 山东大学学报(理学版), 2014, 49(05): 41 -44 .
[6] 刘战杰1,马儒宁1,邹国平1,钟宝江2,丁军娣3. 一种新的基于区域生长的彩色图像分割算法[J]. J4, 2010, 45(7): 76 -80 .
[7] 罗斯特,卢丽倩,崔若飞,周伟伟,李增勇*. Monte-Carlo仿真酒精特征波长光子在皮肤中的传输规律及光纤探头设计[J]. J4, 2013, 48(1): 46 -50 .
[8] 郭兰兰1,2,耿介1,石硕1,3,苑飞1,雷丽1,杜广生1*. 基于UDF方法的阀门变速关闭过程中的#br# 水击压强计算研究[J]. 山东大学学报(理学版), 2014, 49(03): 27 -30 .
[9] 周伟娜,左连翠*. 几类图的笛卡尔积图的(d,1)-全标号[J]. 山东大学学报(理学版), 2014, 49(04): 24 -28 .
[10] 廖明哲. 哥德巴赫的两个猜想[J]. J4, 2013, 48(2): 1 -14 .